<?php
 if ( ! defined('BASEPATH')) exit('No direct script access allowed');
Class Muser extends MY_Model
{
    public function __construct()
    {
        parent::__construct();
    }
    
    public function loginAdmin()
    {
        $uname = $this->getParamString('username');
        $upass = $this->getParamString('password');
        //die('uname:'.$uname.'-pass:'.$upass);
        $sql = $this->db->query("SELECT id,username,passwd,fullname,img, level, agency, money,place FROM user WHERE username = '".$uname."' ");
        if($sql->num_rows() > 0)
        {
            $data           = $sql->row();
            $pword          = $data->passwd;
            $ups            = md5(md5($uname).md5($upass));
            //die('pword:'.$pword.'-ups:'.$ups);
			
			if($ups == $pword)
            {
                $data = array(
                    'id_user'        => $data->id,
                    'username'       => $data->username,
                    'fullname'       => $data->fullname,
                    'level'          => $data->level,
                    'agency'         => $data->agency,
                    'img'            => $data->img,
                    'money'          => $data->money,
					'place'          => $data->place   
                );
                $this->session->set_userdata($data);
                return 200;
            }
            return 201;
        }
        return 202;
        
    }
    
    public function getUserInfo($id)
    {
        return $this->db->query('SELECT * FROM user WHERE id = '.$id)->row_object();
    }
    
    public function updatepasswordDB($id)
    {
		
        $data = $this->db->query('SELECT * FROM user WHERE id = '.$id)->row_object();
        $currentPassword = $this->getParamString('currentPassword');
        $pword          = $data->passwd;
        $ups            = md5(md5($data->username).md5($currentPassword));
        if($ups == $pword)
        {
            $data_ = array(
                'passwd'        => md5(md5($data->username).md5($this->getParamString('password')))
            );
             $this->db->update('user', $data_, "id = ".$id);
             return 200;
        }else{
			die('id:'.$id.'-currentPassword:'.$currentPassword.'--KO trùng');
            return 'Mật khẩu hiện tại không đúng';
        }
    }
    
    public function updateInfo($id,$img)
    {
        $data = array(
                'fullname'  => $this->getParamString('fullname'),
                'email'     => $this->getParamString('email'),
                'mobile'    => $this->getParamString('mobile'),
                'address'   => $this->getParamString('address'),
                'company'   => $this->getParamString('company')
            );
        $pass   = $this->getParamString('newpassd');
        $uname  = $this->getParamString('username');
        if(!in_array($img, array(null, '', '0')))
        {
            $data['img']  = $img;
        }
        
        $this->db->update('user', $data, "id = ".$id);
		 $data_ = array(
                    'fullname'       => $this->getParamString('fullname'),
					'mobile' => $this->getParamString('mobile'),
					'email' => $this->getParamString('email'),
					'address' => $this->getParamString('address'),
                     'img' => $img
                );
        $this->session->set_userdata($data_);
		
        return 200;
    }
    
    public function getUsers($number,$offset)
    {
        $limit = $offset ? intval($offset) : '0';
        $id = array();
        
        $sql = "SELECT u.id, u.username, u.mobile, u.fullname, u.address, u.email, u.company, u.`level`, u.img, u.active, DATE_FORMAT(u.created, '%d-%m-%Y') as time, u1.username AS useradmin, u.place as place FROM user AS u INNER JOIN user AS u1 ON u1.id = u.admin WHERE 1=1";
        $key = $this->getParamString('keyword');
        if(!in_array($key, array(null, '', '0')))
        {
            $sql .= " AND (username like '%".$key."%' OR ";
            $sql .= " fullname like '%".$key."%') ";
        }
        $sql .= " ORDER BY id DESC";
        $xdata = " LIMIT ".$limit.",".$number." ";
        
        $xs = $this->db->query($sql.$xdata)->result_object();
        $count = $this->db->query($sql)->num_rows();
        return array('data' => $xs, 'count' => $count);
        
    }
    
    public function addAccount($id, $img)
    {
        $uname = $this->getParamString('username');
        $upass = $this->getParamString('password');
        $ups            = md5(md5($uname).md5($upass));
        $data = array(
            'username'  => $uname,
            'passwd'    => $ups,
            'fullname'  => $this->getParamString('fullname'),
            'address'   => $this->getParamString('address'),
            'email'     => $this->getParamString('email'),
            'company'   => $this->getParamString('company'),
            'level'     => $this->getParamInt('level'),
            'active'    => $this->getParamInt('active'),
            'mobile'    => $this->getParamString('mobile'),
            'created'   => date('Y-m-d H:i:s'),
            'admin'     => $id,
            'img'       => $img,
            'agency'    => $this->getParamInt('agency'),
			'place'		=> $this->getParamInt('place'),
			'money'		=> 0
        );
        $this->db->insert('user', $data);
        return 200;
    }
    
    
    public function editAccountDB($admin, $img, $id)
    {
        $uname = $this->db->query('SELECT username FROM user WHERE id = '.$id)->row_object()->username;
        
        $data = array(
            'fullname'  => $this->getParamString('fullname'),
            'address'   => $this->getParamString('address'),
            'email'     => $this->getParamString('email'),
            'company'   => $this->getParamString('company'),
            'level'     => $this->getParamInt('level'),
            'active'    => $this->getParamInt('active'),
            'mobile'    => $this->getParamString('mobile'),
            'created'   => date('Y-m-d H:i:s'),
            'admin'     => $admin,
            'agency'    => $this->getParamInt('agency'),
			'place' 	=> $this->getParamInt('place')
            
        );
        
        if(!in_array($img, array(null, '', '0')))
        {
            $data['img'] = $img;    
        }
        @$upass = $this->getParamString('password');

        if(!in_array($upass, array(null, '', '0')))
        {
            $ups            = md5(md5($uname).md5($upass));
            $data['passwd'] = $ups;    
        }
        
        $this->db->update('user', $data, "id = ".$id);
        return 200;
    }
    
    
    public function getListDataUser($id)
    {
        $data = $this->db->query('SELECT * FROM user WHERE id = '.$id)->row_object();
        $data->passwd = null;
        return $data;
    }
    
    
    public function deleteAccountDb($id)
    {
        $this->db->delete('user', "id =".$id);
        return 200;
    }
    
    public function getAgencyAjaxDb()
    {
        $data = $this->db->query('SELECT id, username FROM user WHERE level = 2')->result_object();
        $arr = array();
        $arr[''] = 'Chọn 1 Agency';
        foreach($data AS $el=>$le)
        {
            $arr[$le->id] = $le->username;
        }
        return $arr;
    }
	
	public function getPlaceAjaxDb()
    {
        $data = $this->db->query('SELECT id, shopName, address FROM shop WHERE 1=1')->result_object();
        $arr = array();
        $arr[''] = 'Chọn 1 địa điểm';
        foreach($data AS $el=>$le)
        {
            $arr[$le->id] = $le->shopName.' - '.$le->address;
        }
        return $arr;
    }
	
	
}